-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sandbox Data Recipient - configurable certificate #8
Comments
I think this should only affect ADR clients from the context on #7. For data holders the same client certificate should be able to register with multiple DH, as has been illustrated with the registrations with both example DHs. |
I agree that we same certificate can be used to register with multiple DH. On the DH side we receive the following DCR request:
Software statement payload:
I've reported another issue here: https://github.com/ConsumerDataRight/mock-data-recipient that is causing DH to fail to register a client due to invalid format of redirect_uris / response_types. |
Hi @ikawalec, Thank you for highlighting the above issue. We have logged the issue and will include a fix in a future release. Regarding configurable certificates for the Sandbox Data Recipient, it may not be possible to provide all functions through the use of one Sandbox Data Recipient. You are correct that multiple Data Recipients either hosted in the Sandbox or hosted by Sandbox Participants would be required. Those Data Recipients would be required to have their own register entries and client certificates. We will look into this request further and add an item to our backlog. Our backlog is prioritised based on customer value and is reprioritised as new initiatives arise. As such, we cannot guarantee that this enhancement request will be fulfilled. Something else worth looking into - It is possible to take the mock-data-recipient and replace the Client Certificate before building a new docker container or running in Visual Studio. |
Is your feature request related to a problem? Please describe.
Looking at the answer here: #7 (comment) it seems that if data recipient has the client certificate configurable (my understanding is that there is only one certificate embedded in the docker), then it should be possible to get a software statement for and register a client. Right now, only the first client succeeded to register and the remaining ones are failing.
Describe the solution you'd like
Add a way to dynamically configure a client certificate.
It could be done via some settings in the data recipient UI.
With that feature, it should be really easy to test the authorization flows.
Right now, it seems that we only option to test data recipient with sandbox registry is to deploy it somewhere using a docker, that might be a difficult process.
Describe alternatives you've considered
Additional context
The text was updated successfully, but these errors were encountered: